<?php

namespace App\Http\Middleware;

use Closure;

class Limit
{
    /**
     * Handle an incoming request.
     *
     * @param  \Illuminate\Http\Request  $request
     * @param  \Closure  $next
     * @return mixed
     */
    public function handle($request, Closure $next)
    {
        \Log::info($request->path());
        \Log::info($request->route()->uri());
        $uri = $request->route()->uri();
        if (\Auth::id() != 1 && $uri != '/' && !\Auth::user()->can($uri)){
//            abort(403,'no permission');
            \Log::info('没有权限');
            if ($request->ajax() || $request->wantsJson()){
                return response()->json(['r' => 2001,'status' => 'error','i' => '没有操作权限']);
            }
            return redirect('noPermission');
        }
        return $next($request);
    }
}
